Browse Source

Add state to install unattended upgrades.

tags/v0.7.0
root 10 years ago
parent
commit
751584ddb4
3 changed files with 87 additions and 0 deletions
  1. +8
    -0
      apt/map.jinja
  2. +58
    -0
      apt/unattended.sls
  3. +21
    -0
      pillar.example

+ 8
- 0
apt/map.jinja View File

@@ -0,0 +1,8 @@
{% set map = salt['grains.filter_by']({
'Debian': {
'pkgs': ['unattended-upgrades'],
'confd_dir': '/etc/apt/apt.conf.d',
'unattended_config': '50unattended-upgrades',
'periodic_config': '02periodic',
},
}, grain='os', merge=salt['pillar.get']('cert:lookup')) %}

+ 58
- 0
apt/unattended.sls View File

@@ -0,0 +1,58 @@
# This is the main state file for configuring unattended upgrades with apt

{% from "apt/map.jinja" import map with context %}

apt_unattended_pakgs::
pkg.installed:
- pkgs:
{% for pkg in map.pkgs %}
- {{ pkg }}
{% endfor %}

{% set origins_pattern = salt['pillar.get']('apt:unattended:origings_pattern', ['origin=Debian,archive=stable,label=Debian-Security']) %}
{% set package_blacklist = salt['pillar.get']('apt:unattended:package_blacklist', {}) %}
{% set auto_fix_interrupted_dpkg = salt['pillar.get']('apt:unattended:auto_fix_interrupted_dpkg', 'true') %}
{% set minimal_steps = salt['pillar.get']('apt:unattended:minimal_steps', 'false') %}
{% set install_on_shutdown = salt['pillar.get']('apt:unattended:install_on_shutdown', 'false') %}
{% set mail = salt['pillar.get']('apt:unattended:mail', 'root') %}
{% set mail_only_on_error = salt['pillar.get']('apt:unattended:mail_only_on_error', 'false') %}
{% set remove_unused_dependencies = salt['pillar.get']('apt:unattended:remove_unused_dependencies', 'true') %}
{% set automatic_reboot = salt['pillar.get']('apt:unattended:automatic_reboot', 'false') %}
{% set dl_limit = salt['pillar.get']('apt:unattended:dl_limit', '0') %}

{{ map.confd_dir }}/{{ map.unattended_config }}:
file.managed:
- contents: |
Unattended-Upgrade::Origins-Pattern {
{%- for pattern in origins_pattern %}
"{{ pattern }}";
{%- endfor %}
};
Unattended-Upgrade::Package-Blacklist {
{%- for package in package_blacklist %}
"{{ package }}";
{%- endfor %}
};
Unattended-Upgrade::AutoFixInterruptedDpkg "{{ auto_fix_interrupted_dpkg }}";
Unattended-Upgrade::MinimalSteps "{{ minimal_steps }}";
Unattended-Upgrade::InstallOnShutdown "{{ install_on_shutdown }}";
Unattended-Upgrade::Mail "{{ mail }}";
Unattended-Upgrade::MailOnlyOnError "{{ mail_only_on_error }}";
Unattended-Upgrade::Remove-Unused-Dependencies "{{ remove_unused_dependencies }}";
Unattended-Upgrade::Automatic-Reboot "{{ automatic_reboot }}";
Acquire::http::Dl-Limit "{{ dl_limit }}";

{% set enabled = salt['pillar.get']('apt:unattended:enabled', '1') %}
{% set update_package_lists = salt['pillar.get']('apt:unattended:update_package_lists', '1') %}
{% set download_upgradeable_packages = salt['pillar.get']('apt:unattended:download_upgradeable_packages', '1') %}
{% set unattended_upgrade = salt['pillar.get']('apt:unattended:unattended_upgrade', '1') %}
{% set auto_clean_interval = salt['pillar.get']('apt:unattended:auto_clean_interval', '7') %}

{{ map.confd_dir }}/{{ map.periodic_config }}:
file.managed:
- contents: |
APT::Periodic::Enable "{{ enabled }}";
APT::Periodic::Update-Package-Lists "{{ update_package_lists }}";
APT::Periodic::Download-Upgradeable-Packages "{{ download_upgradeable_packages }}";
APT::Periodic::Unattended-Upgrade "{{ unattended_upgrade }}";
APT::Periodic::AutocleanInterval "{{ auto_clean_interval }}";

+ 21
- 0
pillar.example View File

@@ -0,0 +1,21 @@
apt:
unattended:
origins_pattern:
- origin1
- origin2
package_blacklist:
- package1
- package2
auto_fix_interrupted_dpkg: true
minimal_steps: false
install_on_shutdown: false
mail: root
mail_only_on_error: false
remove_unused_dependencies: true
automatic_reboot: false
dl_limit: 0
enabled: 1
update_package_lists: 1
download_upgradeable_packages: 1
unattended_upgrade: 1
auto_clean_interval: 7

Loading…
Cancel
Save